Saturday, November 7, 2015

Phone Security

I have been seeing issues with phones recently and thought I would talk about them. You might forget that a smartphone today is much more powerful than the PC you used 10 years ago. But how do you protect them?

I have seen over and over again phones with anti-virus or malware protection. You would not do that on a PC, so why not protect your phone?

In the last few weeks I blogged about problems with iPhones and Android devices. But wait, there is much more to worry about…

Lookout has detected over 20,000 samples of this type of trojanized adware masquerading as legitimate top applications, including Candy Crush, Facebook, GoogleNow, NYTimes, Okta, Snapchat, Twitter, WhatsApp, and many others.

Over the past year, Lookout has studied three interconnected families of adware. Lookout discovered the family Shuanet, which, like all of these families, auto-roots the device and hides in the system directory. Kemoge, or what we call ShiftyBug, recently made headlines for rooting the victim’s device and installing secondary payload apps. Another family, Shedun, also referred to as GhostPush, is yet another example of this trojanized adware. While many classify these as simple “adware,” these families are trojans.

Together, the three are responsible for over 20,000 repackaged apps, including Okta’s two-factor authentication app. We are in contact with Okta regarding this malicious repackaging of its app.

The repercussions

For individuals, getting infected with Shedun, Shuanet, and ShiftyBug might mean a trip to the store to buy a new phone. Because these pieces of adware root the device and install themselves as system applications, they become nearly impossible to remove, usually forcing victims to replace their device in order to regain normalcy.

For enterprises, having rooted devices on the network is a concern, especially if those devices were rooted by a repackaged version of a legitimate and popular enterprise app. In this rooted state, an everyday victim won’t have the proper interface to control what apps on the phone request root access. The problem here is that these apps may gain access to data they shouldn’t have access to, given their escalated privileges.

With just a quick search for “malware” on this site you can find many stories about this topic. According to internet security firm McAfee, instances of mobile malware have increased by as much as 700 percent since 2011. It’s time to set things straight once and for all. This is the truth about Android malware.

Lest you think iPhones are secure, a new malware app called YiSpecter was discovered by security company Palo Alto Networks, the same entity that first detailed the XcodeGhost hack.

YiSpecter can infiltrate any iOS device via a variety of means, posing as a genuine Apple-signed app once installed. Once on your iOS device, the app can then make itself invisible to the user by disguising itself as an actual iOS app, or hiding itself from the home screen – which means the user has no means of deleting it.


About Me

I am a self-proclaimed geek who has authored many technical training courses. As a speaker, Jay has presented at many events, including user groups, computer trade shows, DOD and federal conferences, ISPCON, TechEd, and WPC.
Jay is a global board member of GITCA, past president of ISACA-CT, past president of APCUG, and a Microsoft MVP in Enterprise Security. Jay has been an MVP in Windows, HPC, and Azure.